UNPKG

@oslojs/webauthn

Version:

Parse and verify Web Authentication data

github.com/oslo-project/webauthn

oslo-project/webauthn

154 lines (153 loc) 5.38 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
import { decodeCBORToNativeValue } from "@oslojs/cbor"; import { bigIntFromBytes } from "@oslojs/binary"; export function decodeCOSEPublicKey(data) { let decoded; let size; try { [decoded, size] = decodeCBORToNativeValue(data, 4); } catch { throw new Error("Failed to decode CBOR"); } if (typeof decoded !== "object" || decoded === null) { throw new Error("Invalid CBOR map"); } return [new COSEPublicKey(decoded), size]; } export class COSEPublicKey { decoded; constructor(decoded) { this.decoded = decoded; } type() { if (!(1 in this.decoded) || typeof this.decoded[1] !== "number") { throw new Error("Invalid or missing parameter 'kty'"); } const typeId = this.decoded[1]; if (typeId in COSE_KEY_ID_MAP) { return COSE_KEY_ID_MAP[typeId]; } throw new Error(`Unknown 'kty' value '${typeId}'`); } isAlgorithmDefined() { if (!(3 in this.decoded)) { return false; } if (typeof this.decoded[3] !== "number") { throw new Error("Invalid parameter 'alg'"); } return true; } algorithm() { if (!(3 in this.decoded) || typeof this.decoded[3] !== "number") { throw new Error("Invalid or missing parameter 'alg'"); } return this.decoded[3]; } ec2() { if (this.type() !== COSEKeyType.EC2) { throw new Error("Expected an elliptic curve public key"); } if (!("-1" in this.decoded) || typeof this.decoded["-1"] !== "number") { throw new Error("Invalid or missing parameter 'crv'"); } const curve = this.decoded["-1"]; if (!("-2" in this.decoded) || !(this.decoded["-2"] instanceof Uint8Array)) { throw new Error("Invalid or missing parameter 'x'"); } const xBytes = this.decoded["-2"]; if (xBytes.byteLength !== 32) { throw new Error("Invalid or missing parameter 'x'"); } if (!("-3" in this.decoded) || !(this.decoded["-3"] instanceof Uint8Array)) { throw new Error("Invalid or missing parameter 'y'"); } const yBytes = this.decoded["-3"]; if (yBytes.byteLength !== 32) { throw new Error("Invalid or missing parameter 'y'"); } const publicKey = { curve, x: bigIntFromBytes(xBytes), y: bigIntFromBytes(yBytes) }; return publicKey; } rsa() { if (this.type() !== COSEKeyType.RSA) { throw new Error("Expected an RSA public key"); } if (!("-1" in this.decoded) || !(this.decoded["-1"] instanceof Uint8Array)) { throw new Error("Invalid or missing parameter 'n'"); } const nBytes = this.decoded["-1"]; if (nBytes.byteLength !== 256) { throw new Error("Invalid or missing parameter 'n'"); } if (!("-2" in this.decoded) || !(this.decoded["-2"] instanceof Uint8Array)) { throw new Error("Invalid or missing parameter 'e'"); } const eBytes = this.decoded["-2"]; if (eBytes.byteLength !== 3) { throw new Error("Invalid or missing parameter 'e'"); } const publicKey = { n: bigIntFromBytes(nBytes), e: bigIntFromBytes(eBytes) }; return publicKey; } okp() { if (this.type() !== COSEKeyType.OKP) { throw new Error("Expected an octet key pair public key"); } if (!("-1" in this.decoded) || typeof this.decoded["-1"] !== "number") { throw new Error("Invalid or missing parameter 'curve'"); } const curve = this.decoded["-1"]; if (!("-2" in this.decoded) || !(this.decoded["-2"] instanceof Uint8Array)) { throw new Error("Invalid or missing parameter 'x'"); } const x = this.decoded["-2"]; if ("-4" in this.decoded) { throw new Error("Unexpected parameter 'd'"); } const publicKey = { curve, x }; return publicKey; } symmetric() { if (this.type() !== COSEKeyType.Symmetric) { throw new Error("Expected an symmetric key"); } if (!("-1" in this.decoded) || !(this.decoded["-1"] instanceof Uint8Array)) { throw new Error("Invalid or missing parameter 'k'"); } const k = this.decoded["-1"]; return k; } } export const coseAlgorithmES256 = -7; export const coseAlgorithmRS256 = -257; export const coseAlgorithmEdDSA = -8; export const coseEllipticCurveP256 = 1; export const coseEllipticCurveEd25519 = 6; export var COSEKeyType; (function (COSEKeyType) { COSEKeyType[COSEKeyType["OKP"] = 0] = "OKP"; COSEKeyType[COSEKeyType["EC2"] = 1] = "EC2"; COSEKeyType[COSEKeyType["RSA"] = 2] = "RSA"; COSEKeyType[COSEKeyType["Symmetric"] = 3] = "Symmetric"; COSEKeyType[COSEKeyType["HSSLMS"] = 4] = "HSSLMS"; COSEKeyType[COSEKeyType["WalnutDSA"] = 5] = "WalnutDSA"; })(COSEKeyType || (COSEKeyType = {})); const COSE_KEY_ID_MAP = { 1: COSEKeyType.OKP, 2: COSEKeyType.EC2, 3: COSEKeyType.RSA, 4: COSEKeyType.Symmetric, 5: COSEKeyType.HSSLMS, 6: COSEKeyType.WalnutDSA };